<?php
class OcmUserController extends FW24H_AppController{
	function index() {
		parent::beforeFilter();

		$this->setParam( 'Users', $this->User->find());
		
		$this->render();
	}

	function beforeFilter() {
	
	}
	
	function add(){
		parent::beforeFilter();
		
		$this->checkPermission( 'create');
		
		if( isset( $_POST) && $_POST['user_name'] != '') {
			if( !fw24h_isUsername( $_POST['user_name'])) {
				$this->setParam( 'error', 'TÃªn truy cáº­p khÃ´ng Ä‘Æ°á»£c bá»? trá»‘ng');
			}
			elseif( !fw24h_isPassword( $_POST['user_password'])) {
				$this->setParam( 'error', 'Máº­t kháº©u khÃ´ng Ä‘Æ°á»£c bá»? trá»‘ng');
			} else {
				// add user
				$check = $this->User->checkUser( $_POST['user_name'], $_POST['user_email']);
				if( $check == 0){
					$_POST['user_salt'] = fw24h_makeSalt(5, 6);
					$_POST['user_password'] = fw24h_makePassword($_POST['user_password'], $_POST['user_salt']);
					$_POST['user_createdate'] = date('Y-m-d H:i:s');
					
					$this->User->addUser( $_POST);
					$this->redirect( BASE_URL.'/user/add?rs=true');
				} else {
					if($check == 1){
						$this->setParam( 'error', 'TÃªn truy cáº­p Ä‘Ã£ tá»“n táº¡i');
					}
					else{
						$this->setParam( 'error', 'Email Ä‘Ã£ tá»“n táº¡i');
					}
				}
			}
		}
		$this->render();
	}
	function edit() {
		parent::beforeFilter();
		$this->checkPermission( 'create', 'user/add');
		
		$uid = intval($this->_path_info[0]);
		
		if(isset($_POST['gone'])){
			// update user
			if($_POST['user_password'] != ''){
				$_POST['user_salt'] = fw24h_makeSalt( 5, 6);
				$_POST['user_password'] = fw24h_makePassword( $_POST['user_password'], $_POST['user_salt']);
			}
			else{
				unset($_POST['user_salt']);	
				unset($_POST['user_password']);	
			}
			unset($_POST['user_name']);
			$this->User->update( $_POST, $uid);
			$this->redirect( BASE_URL.'/user/edit/'.$uid.'?rs=true');
		}
		$this->setParam( 'arrUser', $this->User->get( $uid));
		$this->render();
	}
	function login() {


		
		$this->layout = 'ajax';
		if(isset($_POST['gone'])){
			
			if( !fw24h_isUsername( $_POST['txtuser']) || !fw24h_isPassword( $_POST['txtpwd'])) { // kiem tra 
				$this->setParam( 'loginFailed', true);
			}else {			
				$_POST['remember'] = isset( $_POST['remember'])?$_POST['remember']:'';
				
				$returnValue = $this->User->checkLogin( $_POST['txtuser'], $_POST['txtpwd'], $_POST['remember']);
				if( is_array( $returnValue) && sizeof( $returnValue) > 0){
					$this->setLogin( $returnValue);
					// Update last login
					$this->User->updateLogin( array( 'user_lastlogin'	=>	date( 'Y-m-d H:i:s')), $returnValue['user_id']);
					$this->redirect( BASE_URL.'home');
				}
				else{
					$this->setParam( 'loginFailed', true);
				}
			}
		} else {
			$ck = $this->User->checkCookie();
			if( is_array( $ck) && sizeof( $ck) > 0){
				// Cookie is OK
				// Let set user session
				$this->setLogin( $ck);
				// Update last login
				$this->User->updateLogin( array('user_lastlogin'	=>	date( 'Y-m-d H:i:s')), $ck['user_id']);
				$this->redirect( BASE_URL.'home');
			}
		}
		$this->render();

		$this->blockNoCache = true;
		$this->blockNoCacheArray['login'] = $this->masterContent;
		$this->blockNoCacheArray['login2'] = 'dungpt '.time();
	}


	function logout(){
		
		unset( $_SESSION['OCM_LOGIN']);
		unset( $_SESSION['OCM_UID']);
		unset( $_SESSION['OCM_UNAME']);
		// Delete cookie if exist
		setcookie( 'OCM_UID', '', time()-60*60*24*30, "/");
		setcookie( 'OCM_24HFW', '', time()-60*60*24*30, "/");

		session_unset(); 
		// Finally, destroy the session. 
		session_destroy(); 

		$this->redirect( BASE_URL.'user/login');

	}

	function afterFilter() {
		if( $this->actionName == 'view'){
			$this->Category();
		}
		
	}

	function permissions( $user_id = '') {

		parent::beforeFilter();
		
		if( is_numeric( $_GET['menu'])) {

			$this->checkPermission( 'edit');

			$perm = (preg_match( '#^[a-zA-Z]+$#', $_GET['newperm'])?$_GET['newperm']:'none');
			$old_perm = (preg_match( '#^[a-zA-Z]+$#', $_GET['permission'])?$_GET['permission']:'none');
			
			$objPermMenu = new FW24H_Model( '24hfw_user_menu', '24hfw_user_menu_id');

			if( $_GET['fw24h_user_menu_id']!='' && is_numeric( $_GET['fw24h_user_menu_id'])) {
				if( $objPermMenu->find( "24hfw_user_menu_id={$_GET[fw24h_user_menu_id]} AND 24hfw_user_menu_menu={$_GET[menu]} AND 24hfw_user_menu_permission='{$old_perm}' AND  24hfw_user_menu_user=".$this->_path_info[0])) {
					$objPermMenu->delete( $_GET['fw24h_user_menu_id']);
				}
			}else{
				$v_new_perm['24hfw_user_menu_permission'] = $perm;
				$v_new_perm['24hfw_user_menu_menu'] = $_GET['menu'];
				$v_new_perm['24hfw_user_menu_user'] = $this->_path_info[0];
				$objPermMenu->save( $v_new_perm);
			}
			$this->redirect( BASE_URL.'user/permissions/'.$this->_path_info[0]);

		}
		
		$this->checkPermission( 'read');

		$objPerm = new FW24H_Model( '24hfw_permission', 'permission_id');

		
		
		$this->setParam( 'User', $this->User->get( $user_id));

		$objPerm->_cache = false;
		$this->setParam( 'Perms', $objPerm->find());

		$this->render();

	}

	/**
	 * Enter description here...
	 *
	 * @param unknown_type $s
	 */
	function setLogin( $s=array()) {
		// Login success
		// Set session
		// Redirect user to AdminCP
		$_SESSION['OCM_LOGIN'] = true;
		$_SESSION['OCM_UID'] = $s['user_id'];
		$_SESSION['OCM_UNAME'] = $s['user_name'];
	}

}

